Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-1220 EXPLOITDB ruby VERIFIED
IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, 4.3.1 - Authenticated Stack-Based Buffer Overflow via Long opts Field
Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field.
by Metasploit
CVE-2011-5211 EXPLOITDB text VERIFIED
Subrion CMS 2.0.4 - Cross-Site Scripting via Poll Title Field
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452.
by Karthik R
EIP-2026-119446 EXPLOITDB text VERIFIED
Trend Micro Data Loss Prevention Virtual Appliance 5.5 - Directory Traversal
by White Hat Consultores
EIP-2026-118007 EXPLOITDB python VERIFIED
The KMPlayer 3.0.0.1440 (Windows 7) - '.mp3' Local Buffer Overflow (ASLR Bypass)
by xsploitedsec
EIP-2026-116466 EXPLOITDB html VERIFIED
UUSEE ActiveX < 6.11.0412.1 - Buffer Overflow
by huimaozi
EIP-2026-112584 EXPLOITDB python
Technote 7.2 - Blind SQL Injection
by BlueH4G
CVE-2011-5212 EXPLOITDB text VERIFIED
Subrion CMS 2.0.4 - SQL Injection via Admin Login Fields
SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field.
by Karthik R
EIP-2026-102904 EXPLOITDB c VERIFIED
Linux Kernel 2.6.28/3.0 (DEC Alpha Linux) - Local Privilege Escalation
by Dan Rosenberg
EIP-2026-119444 EXPLOITDB text VERIFIED
Tele Data Contact Management Server - Directory Traversal
by AutoSec Tools
EIP-2026-119142 EXPLOITDB text VERIFIED
Simple Web Server 1.2 - Directory Traversal
by AutoSec Tools
EIP-2026-112737 EXPLOITDB text VERIFIED
Tolinet Agencia - 'id' SQL Injection
by Andrea Bocchetti
EIP-2026-110440 EXPLOITDB python
Pacer Edition CMS 2.1 - 'rm' Arbitrary File Deletion
by LiquidWorm
EIP-2026-110439 EXPLOITDB text
Pacer Edition CMS 2.1 - 'l' Local File Inclusion
by LiquidWorm
EIP-2026-105183 EXPLOITDB text
Angora Guestbook 1.5 - Local File Inclusion
by AutoSec Tools
CVE-2011-1567 EXPLOITDB ruby VERIFIED
IGSSdataServer.exe <9.00.00.11063 - Buffer Overflow
Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted (1) ListAll, (2) Write File, (3) ReadFile, (4) Delete, (5) RenameFile, and (6) FileInfo commands in an 0xd opcode; (7) the Add, (8) ReadFile, (9) Write File, (10) Rename, (11) Delete, and (12) Add commands in an RMS report templates (0x7) opcode; and (13) 0x4 command in an STDREP request (0x8) opcode to TCP port 12401.
by Metasploit
EIP-2026-101925 EXPLOITDB text
Polycom IP Phone - Web Interface Data Disclosure
by Yakir Wizman
EIP-2026-101511 EXPLOITDB text VERIFIED
Aastra IP Phone 9480i - Web Interface Data Disclosure
by Yakir Wizman
EIP-2026-100309 EXPLOITDB text VERIFIED
EquiPCS - SQL Injection
by Sideswipe
EIP-2026-118232 EXPLOITDB python VERIFIED
ActFax Server FTP - (Authenticated) Remote Buffer Overflow
by b33f
CVE-2011-2194 EXPLOITDB text VERIFIED
VLC media player <1.1.9 - DoS/Buffer Overflow
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
by TecR0c
EIP-2026-113780 EXPLOITDB text VERIFIED
WordPress Plugin GD Star Rating - 'votes' SQL Injection
by anonymous
CVE-2011-2201 EXPLOITDB perl VERIFIED
Data::FormValidator <4.66 - Info Disclosure
The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.
by dst
EIP-2026-118669 EXPLOITDB python
IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM
by Jeremy Brown
EIP-2026-114409 EXPLOITDB text VERIFIED
Xataface 1.x - 'action' Local File Inclusion
by ITSecTeam
EIP-2026-112637 EXPLOITDB html VERIFIED
The Pacer Edition CMS 2.1 - 'email' Cross-Site Scripting
by LiquidWorm